Windows Speculative Execution Client/Server Patches/Mitigations/Detection Summary

Not intended to be comprehensive, but as of the morning of 4-January, all the worthwhile information I can find published by Microsoft on the Speculative Execution issue:

Note that the “Install-Module” PowerShell cmdlet requires PowerShell v5 or above. 

Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
https://support.microsoft.com/en-us/help/4073119/windows-client-guidance-for-it-pros-to-protect-against-speculative-exe 

Windows Server Guidance to protect against the speculative execution side-channel vulnerabilities
https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution-s 

Important information regarding the Windows security updates released on January 3, 2018 and anti-virus software
https://support.microsoft.com/en-us/help/4072699/important-information-regarding-the-windows-security-updates-released 

ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002 

Public disclosure
https://bugs.chromium.org/p/project-zero/issues/detail?id=1272 

SQL Server Guidance to protect against speculative execution side-channel vulnerabilities
https://support.microsoft.com/en-us/help/4073225 

Microsoft Cloud Protections Against Speculative Execution Side-Channel Vulnerabilities
https://support.microsoft.com/en-us/help/4073235

I have not found any evidence of a KB for Exchange Server Guidance.

Client Patch (Windows 10)
https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892

Server Patch (Server Core 1709)
https://support.microsoft.com/en-us/help/4056892 

Server Patch (Server 2016)
https://support.microsoft.com/en-us/help/4056890 

Server Patch (Server 2012R2)
https://support.microsoft.com/en-us/help/4056898 

Server Patch (Server 2008R2)
https://support.microsoft.com/en-us/help/4056897 


Follow me on twitter: @EssentialExch

Exchange Server 2013 on Windows Server 2012

Unless you've been living under a rock, you know that the public betas of all the Wave 15 products, including Office, Exchange, Lync, SharePoint, etc. were released earlier this week as "2013" products. These were all released on Monday July 16, 2012. This follows by a couple of weeks the "release previews" of Windows 8 and Windows Server 2012.

You can download the Exchange Server 2013 public beta/preview here.

In the original release, it was not supported to install the Exchange preview on the Server 2012 preview. Today, Microsoft has changed that guidance and now supports installing Exchange Server 2013 on Windows Server 2012.

At this time, it requires a couple of additional manual steps. You can find information about how to install Exchange Server 2013 on Windows Server 2012 here.

We can reasonably expect that this will be cleaned up before RTM.